If you are logged in, your referral link [?] is automatically included below.
EMBED CODE (Copy and Paste)
BENEFITS OF DOCUMENT
Diagnose Cloud Security and Risk Standards projects, initiatives, organizations, businesses and processes using accepted diagnostic standards and practices.
Implement evidence-based best practice strategies aligned with overall goals.
Integrate recent advances in Cloud Security and Risk Standards and process design strategies into practice according to best practice guidelines.
DOCUMENT DESCRIPTION
This Cloud Security and Risk Standards Self Assessment helps you diagnose and address the following issues and questions:
IDS/IPS traffic pattern analysis can often detect or block attacks such as a denial-of-service attack or a network scan. However, in some cases this is legitimate traffic (such as using cloud infrastructure for load testing or security testing). Does the cloud provider have a documented exception process for allowing legitimate traffic that the IDS/IPS flags as an attack pattern?
It is clear that the CSP will face a large number of requests from its customers to prove that the CSP is secure and reliable. There a number of audit and compliance considerations for both the CSP and the customer to consider in cloud computing. First, which compliance framework should a CSP adopt to satisfy its customers and manage its own risks?
In addition to the security of your own customer data, customers should also be concerned about what data the provider collects and how the CSP protects that data. Specifically with regard to your customer data, what metadata does the provider have about your data, how is it secured, and what access do you, the customer, have to that metadata?
IDS/IPS content matching can detect or block known malware attacks, virus signatures, and spam signatures, but are also subject to false positives. If the cloud provider provides IDS/IPS services, is there a documented exception process for allowing legitimate traffic that has content similar to malware attacks or spam?
Security and authentication technologies, allied to event logging, in the cloud computing environment can help auditors as they deal with issues related to workflow were those who entered, approved, changed or otherwise touched data authorized to do so, on an individual, group or role-related basis?
As a CSP undertakes to build out or take a fresh look at its service offerings, the CSP should clearly define its business strategy and related risk management philosophy. What market segments or industries does the CSP intend to serve?
How do you know that a breach has occurred, how do you ensure that the CSP notifies you when a breach occurs, and who is responsible for managing the breach notification process (and costs associated with the process)?
An extra consideration when using cloud services concerns the handling of encryption keys - where are the keys stored and how are they made available to application code that needs to decrypt the data for processing?
Another critical success factor is that appropriate governance needs to be in place. That is, is an appropriate organizational structure in place to manage the organization facing the cloud computing solution?
The Self Assessment tool is built in MS Excel. The above preview showcases an example of a completed version. The secondary document includes a blank template, as well as a detailed 140+ page PDF guide. The guide provides a convenient way to distribute and share among the participants to prepare and discuss the Self Assessment.
Got a question about the product? Email us at [email protected] or ask the author directly by using the form to the right. If you cannot view the preview above this document description, go here to view the large preview instead.
Download our free compilation of 50+ Strategy & Transformation slides and templates. Frameworks include McKinsey 7-S Strategy Model, Balanced Scorecard, Disruptive Innovation, BCG Experience Curve, and many more.
To receive this free download, enter your email address below and click the "Email Me" button.
"My FlevyPro subscription provides me with the most popular frameworks and decks in demand in today’s market. They not only augment my existing consulting and coaching offerings and delivery, but also keep me abreast of the latest trends, inspire new products and service offerings for my practice, and educate me in a fraction of the time and money of other solutions. I strongly recommend FlevyPro to any consultant serious about success."
– Bill Branson, Founder at Strategic Business Architects
"FlevyPro provides business frameworks from many of the global giants in management consulting that allow you to provide best in class solutions for your clients."
– David Harris, Managing Director at Futures Strategy
"I like your product. I'm frequently designing PowerPoint presentations for my company and your product has given me so many great ideas on the use of charts, layouts, tools, and frameworks. I really think the templates are a valuable asset to the job."
– Roberto Fuentes Martinez, Manager at Technology Transformation Advisory
"As a consultant requiring up to date and professional material that will be of value and use to my clients, I find Flevy a very reliable resource.
The variety and quality of material available through Flevy offers a very useful and commanding source for information. Using Flevy saves me time, enhances my expertise and ends up being a good decision."
– Dennis Gershowitz, Principal at DG Associates
"Flevy is our 'go to' resource for management material, at an affordable cost. The Flevy library is comprehensive and the content deep, and typically provides a great foundation for us to further develop and tailor our own service offer."
– Chris McCann, Founder at Resilient.World
"As a young consulting firm, requests for input from clients vary and it's sometimes impossible to provide expert solutions across a broad spectrum of requirements. That was before I discovered Flevy.com.
Through subscription to this invaluable site of a plethora of topics that are key and crucial to consulting, I have been able to exceed expectations and deliver quality advice and solutions to my clients. The quality and expertise of the authors are exemplary and gives me great confidence to use as part of my service offerings.
I highly recommend this company for any consultant wanting to apply international best practice standards in their service offerings. "
– Nishi Singh, Strategist and MD at NSP Consultants
"FlevyPro has been a brilliant resource for me, as an independent growth consultant, to access a vast knowledge bank of presentations to support my work with clients. In terms of RoI, the value I received from the very first presentation I downloaded paid for my subscription many times over! The quality of the decks available allows me to punch way above my weight – it's like having the resources of a Big 4 consultancy at your fingertips at a microscopic fraction of the overhead."
– Roderick Cameron, Founding Partner at SGFE Ltd
"As an Independent Management Consultant, I find Flevy to add great value as a source of best practices, templates and information on new trends. Flevy has matured and the quality and quantity of the library is excellent. Lastly the price charged is reasonable, creating a win-win value for the customer, Flevy and the various authors. This is truly a service that benefits the consulting industry and associated clients. Thanks for providing this service. "
– Jim Schoen, Principal at FRC Group
"One of the great discoveries that I have made for my business is the Flevy library of training materials.
As a Lean Transformation Expert, I am always making presentations to clients on a variety of topics: Training, Transformation, Total Productive Maintenance, Culture, Coaching, Tools, Leadership Behavior, etc. Flevy usually has just what I need to make my point.
It is well worth the money to purchase these presentations. Sure, I have the knowledge and information to make my point. It is another thing to create a presentation that captures what I want to say. Flevy has saved me countless hours of preparation time that is much better spent with implementation that will actually save money for my clients."
– Ed Kemmerling, Senior Lean Transformation Expert at PMG
"Flevy is now a part of my business routine. I visit Flevy at least 3 times each month.
Flevy has become my preferred learning source, because what it provides is practical, current, and useful in this era where the business world is being rewritten.
In today's environment where there are so many challenges and there is the need to make the right decisions in a short time, with so much scattered information, we are fortunate to have Flevy. Flevy investigates, selects, and puts at our disposal the best of the best to help us be successful in our work."
– Omar Hernán Montes Parra, CEO at Quantum SFE
SELECT CUSTOMERS
Since 2012, we have provided best practices to over 5,000 businesses and organizations of all sizes across the world—in over 130 countries.
Below is just a very small sample of our customer base.
Did you know?
The average daily rate of a McKinsey consultant is $6,625 (not including expenses). The average price of a Flevy document is $65.
Download our free compilation of 50+ Strategy & Transformation slides and templates. Frameworks include McKinsey 7-S Strategy Model, Balanced Scorecard, Disruptive Innovation, BCG Experience Curve, and many more.
Please 
